Governments and companies around the world began to gain the upper hand against the first wave of the unrivaled global cyberattack this morning.

More than 200,000 computers in at least 150 countries have so far been infected, according to Europol, the European Union’s law enforcement agency. The U.K.’s National Cyber Security Centre said new cases of so-called ransomware are possible “at a significant scale.”

"For now, it does not look like the number of infected computers is increasing," said a Europol spokesman. "We will get a decryption tool eventually, but for the moment, it’s still a live threat and we’re still in disaster recovery mode."

The initial attack was stifled when a security researcher disabled a key mechanism used by the worm to spread, but experts warned the hackers were likely to mount a second attack because so many users of personal computers with Microsoft operating systems couldn’t or didn’t download a security patch released in March that Microsoft had labeled “critical.”

“I will confess that I was unaware registering the domain would stop the malware until after I registered it, so initially it was accidental,” wrote the researcher, who uses the Twitter name @MalwareTechBlog.

“So long as the domain isn’t revoked, this particular strain will no longer cause harm, but patch your systems ASAP as they will try again.”

But the world is still digging out...

Europol executive director Rob Wainwright told Britain's ITV television on Sunday that the attack had been "unprecedented". "We've never seen anything like this," he said.

In China, "hundreds of thousands" of computers were affected, including petrol stations, cash machines and universities, according to Qihoo 360, one of China's largest providers of antivirus software. The malware affected computers at “several” unspecified Chinese government departments, the country’s Cyberspace Administration said on its WeChat blog Monday. Since that initial attack, agencies and companies from the police to banks and communications firms have put preventive measures in place, while Qihoo 360 Technology Co., Tencent Holdings Ltd. and other cybersecurity firms have begun making protection tools available, the internet overseer said.

French carmaker Renault said its Douai plant, one of its biggest sites in France employing 5,500 people, would be shut on Monday as systems were upgraded.

In Japan, Hitachi Ltd. said that some of its computers had been affected.

In South Korea, CJ CGV Co., the country’s largest cinema chain, said advertising servers and displays at film theaters were hit by ransomware. Movie servers weren’t affected and are running as normal, it said in a text message Monday.

Indonesia’s government reported two hospitals in Jakarta were affected.

About 97 percent of U.K. facilities and doctors disabled by the attack were back to normal operation, Home Secretary Amber Rudd said Saturday after a government meeting. At the height of the attack Friday and early Saturday, 48 organizations in the NHS were affected, and hospitals in London, North West England and Central England urged people with non-emergency conditions to stay away as technicians tried to stop the spread of the malicious software.

As Microsoft's president and chief legal officer, Brad Smith, said in a blog post Sunday:

"An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen," Smith wrote.

"The governments of the world should treat this attack as a wake up call."

President Trump's homeland security adviser, Tom Bossert, said that Friday's global cyberattack is something that "for right now, we've got under control" in the U.S., reports AP:

"Bossert tells ABC's 'Good Morning America' that the malware is an "extremely serious threat" that could inspire copycat attacks. But Microsoft's security patch released in March should protect U.S. networks for those who install it."

"Micrsoft's top lawyer has criticized U.S. intelligence for 'stockpiling' software code that can aid hackers. Cybersecurity experts say the unknown hackers behind the latest attacks used a vulnerability exposed in U.S. government documents leaked online."

"Bossert said 'criminals' are responsible, not the U.S. government. Bossert says the U.S. hasn't ruled out involvement by a foreign government, but that the recent ransom demands suggest a criminal network."

However, new variants of the rapidly replicating malware were discovered Sunday. One did not include the so-called kill switch that allowed researchers to interrupt the malware's spread Friday by diverting it to a dead end on the internet.

As Bloomberg reports that Matt Suiche, founder of United Arab Emirates-based cyber security firm Comae Technologies warns a new version of the ransomware may have also been spreading over the weekend.

About 50% of machines that would have spread the infection by the second variation of the malware have Russian I.P. addresses, according to Suiche.

Over 40,000 machines appear to have been infected by the second variation of the malware already.

Ryan Kalember, senior vice president at Proofpoint Inc., which helped stop its spread, said the version without a kill switch could spread. It was benign because it contained a flaw that prevented it from taking over computers and demanding ransom to unlock files but other more malicious ones will likely pop up.

"We haven't fully dodged this bullet at all until we're patched against the vulnerability itself," Kalember said.

IT weaponry is cool, but just wait until USA gets a taste of their own drone technology! I'm sure they will cry about how unfair it is for others to employ such "tools", being the world's unelected police force and all...

As long as they can keep using this to scare people and demonize Russia, they will never work with OS manufacturers to fix all these holes. Just too much capital to burn for such a lowly purpose as helping us.

Kinda reinforces my suspicion that "anti virus firms" are a scam. They had how many months since Vault7 was released? Apparently they spent the time playing fooseball and pounding down the Diet Shasta.

If you had been keeping up with Windows updates, you already had the patch. Malwarebytes premium users are safe, too. Not sure about free versions.
Your point is well taken though. These back doorways should have immediately patched, and there should have been way more publicity about the whole issue.

Many AV people by their own admission agree -- AV isn't the way to secure things anymore. Symantec even came out publically three years ago saying so. By definition they will always be behind the threat rather than ahead of it.

Best bet is to not use an OS known for its security problems and sticking to proven software. And not having users that are complete idiots, but this last one is a pipe dream.

I had a ransomware attempt on my business computers. Came from an American university. I forget which one.

A businessman I know got hit but he has a separate computer for emails. Just threw it away. He told me that the ransom message was in English and Russian. He used google translate to convert the English message to Russian. It was identical to the ransom demand. Anyone who knows how translators work would get it.

This seems to be another scaremongering false-flaggy hype-fest, preying on public ignorance, like we saw with Pig / Bird / Chicken Flew / Zeka, et cetera. This time, your "vaccination" is the handy-dandy ready-just-in-time Windows Update, which by updating renders your system more vulnerable to cloud-based computing against your will, with all the enhanced potential for central control and privacy-breaching that goes along with it.

This is GOOD NEWS for Microsoft. Think of the extra money being spent now on hardware upgrades and new user licences. We're talking about the OS rolled out by a company run by a known depopulationist, remember? This is the online equivalent of HERD MANAGEMENT by the GATE[s] KEEPER.

If it all goes down, I will miss the commentary here, but the good news is that people will have to think for themselves again for a change. Used to be you navigated using a map. If gps goes down millions of folks will be lost. Just make sure you get off the road before them newfangled driverless cars and trucks go bugfuck, same goes for aeroplanes n trains.

At very minimum I'm right because Linux users are just more intellectually aware and curious. Two because it's a protected kernel where I actually think twice about entering root password. Three because of all the variants of Linux it becomes very much hard to target all versions of it. Whereas Microsoft is always the same code base and installer and majority version too so good luck with that one. The biggest fault insecurity is the scripts that inside a modern webbrowser. That isn't something I'm totally immune from either, that is visiting a bogus site that is open to festering criminal scripts. Sure I have script blockers but it's no guarantee that my privacy is guaranteed. I've caught many bad scripts of generally benign sites, but still there are limits to the damage that can be done. Yes anyone can develop say code into the Linux code base, it's not bullet proof say a bad actor for the CIA introduces methods into a an algorithm of the Linux code base. Suppose they have this inside man be some upper level administrator that allows the branched code to be merged. Well let's assume this obscurity goes unnoticed for some time. That however, doesn't mean that everyone is using that version. And the idea that with 100's, 1000's, even 100,000's of other software eyes peering over the malignant code that it can remain undetected for very long. So no it's not absolutely immune, but I again I don't have the kind of nightmares I used to have with Windows. It's been the best investment I ever made to leave Windows behind. Well I still use virtualboxes when I absolutely have to develop around it or use a specific software. Overall, Windows is a proprietary virus. Oh and the whole Gates story like Facebook Zuckerberg/Musk story, is another Joo media fantasy (laughs). Only Gentiles have to wait until middle age like Ford to start getting enough knowledge, and capital to actually make big things happen. Jews though just use the Juminati, printed dollars bills, their great Uncles/grandparents the Rockefellers and Rothchilds, the government as a customer, and finally their lying media to create a sensation of a Doogie House industry titan (laughs). The whole thing just a big B.S. storyline along with their virus laden works. Thank God for open source, it's the one area where Mystery Babi hasn't totally usurped the average man in being able to resist in technology. Anyone using a handheld? Most likely linux or unix code base. Generally the things are nearly immune to Goober but obviously not always if they allow anyone to install root software.

The only boy genius story of an industry titan I might buy is the story of Steve Jobs. Here though the guy was pretty much immoral as a Turkish bloodline following the "Mud" Talmud Jew in cheating and using his fellow developers. In the end the guy probably was hospitalized and removed from power after rebuilding the capital so they could have their gay Jew take over. That's the way it works in Mystery Babylon. If you aren't Howard Hughes and a bit paranoid of these people when you have money and power you are in deep trouble. In fact money and power brings these antichrist even if you are paranoid, the easy buck that can be taken by Mud "Talmud" reasoning is like a magnet to iron. These people are attracted to their own lies of greatness. But anyway, yeah Microsoft is a big pile of doo doo. Only the undereducated utilise it as a main operating system.